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Continued Examination Under 37 CFR 1.114 
A request for continued examination under 37 CFR 1.114, including tlie fee set 
forth in 37 CFR 1 .17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 

forth in 37 CFR 1 .17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 
03/03/2008 has been entered. 

EXAMINER'S AMENDMENT 

An examiner's amendment to the record appears below. Should the changes 
and/or additions be unacceptable to applicant, an amendment may be filed as provided 
by 37 CFR 1 .312. To ensure consideration of such an amendment, it MUST be 
submitted no later than the payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview 
with Atty. Anthony Jones, Reg. No. 59521 on June 5, 2008. 

IN THE CLAIMS: 

1 . (Currently Amended) A method for facilitating high speed network pacl<et 
flow by resolving conflicts between network service rules for network data traffic in a 
system where rule patterns with longer prefixes match before rule patterns with shorter 
prefixes, comprising: 

receiving one or more flows of packets; 
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receiving a set of networl^ service rules for networl< data traffic from multiple 
network services, wherein network service rules from different network services can 
possibly conflict; 

wherein each of the network service rules specifies, a filter that defines a prefix 
for a set of packets in the packet flow, and an action list that specifies one or more 
actions to be applied to the set of packets; 

identifying conflicts between higher priority rules and lower priority rules in the set 
of network service rules that are to be applied to packet flows; 

constructing a consistent set of network service rules with modified action lists, 
wherein each action list is modified by prepending an action list of the higher priority rule 
to an action list of a rule with a filter that defines a longer prefix, vyherein, , if the , set , of 
v\ .'X." ' .^"^ w • • \- ^ j"^- . ^ . ^ -kt ^^-^ .^ xets associated 

with the lower priority rule, conslructsng the set of network service rules involves 
creating a new action list for the higher priority rule by prepending the actio n list of the 
higher priority rule to the action list of the lower priority rule: and 

applying the consistent set of rules to a switching mechanism to facilitate packet 
flow management . 

2. (Cancelled) 

3. (Original) The method of claim 1 , wherein if the set of packets associated 
with the higher priority rule is a superset of the set of packets associated with the lower 
priority rule, resolving the conflict involves creating a new action list for the lower priority 
rule by prepending the action list of the higher priority rule to the action list of the lower 
priority rule. 

4. (Original) The method of claim 1 , wherein if the set of packets associated 
with the lower priority rule is a superset of the set of packets associated with the higher 
priority rule, resolving the conflict involves creating a new action list for the higher 
priority rule by prepending the action list of the higher priority rule to the action list of the 
lower priority rule. 
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5. (Original) The method of claim 1 , wherein if the set of packets associated 
with the lower priority rule intersects the set of packets associated with the higher 
priority rule, resolving the conflict involves: 

creating a new rule with a filter that defines the intersection of the set of packets 
associated with lower priority rule and the set of packets associated with the higher 
priority rule; and 

creating an action list for the new rule by prepending the action list of the higher 
priority rule to the action list of the lower priority rule. 

6. (Original) The method of claim 1 , wherein prior to modifying a rule in the 
set of network service rules, the method further comprises cloning the rule to ensure 
that potential conflicts with rules that appear later in the set of network service rules are 
not overlooked. 

7. (Original) The method of claim 1 , wherein the priority of a given rule is 
based upon one or more of the following: 

a priority associated with a network service from which given rule originated; 
a count of the number of prefix bits specified by the filter for the given rule; and 
a time stamp indicating when the given rule was incorporated into the set of 
network service rules. 

8. (Original) The method of claim 1 , wherein an action specified by a network 
service rule can include, but is not limited to: 

dropping a packet; 

gathering statistical information about the packet; 
controlling timer functions associated with the packet; 
modifying the packet; and 
passing the packet on. 

9. (Original) The method of claim 1 , wherein the multiple network services 
can include, but is not limited to: 

a firewall service; 

a service level agreement monitoring service; 
a load balancing service; 
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a transport matching service; 
a failover service; and 
a high availability service. 

1 0. (Currently Amended) A computer-readable storage medium storing 
instructions that when executed by a computer cause the computer to perform a method 
for resolving conflicts between network service rules for network data traffic in a system 
where rule patterns with longer prefixes match before rule patterns with shorter prefixes, 
the method comprising: 

receiving one or more flows of packets; 

receiving a set of network service rules for network data traffic from multiple 
network services, wherein network service rules from different network services can 
possibly conflict; 

wherein each of the network service rules specifies, a filter that defines a prefix 
for a set of packets in the packet flow, and an action list that specifies one or more 
actions to be applied to the set of packets; 

identifying conflicts between higher priority rules and lower priority rules in the set 
of network service rules that are to be applied to packet flows; and 

constructing a consistent set of network service rules with modified action lists, 
wherein each action list is modified by prepending an action list of the higher priority rule 
to an action list of a rule with a filter that defines a longer prefix,, wherein, , if th e , set , of 
packets associated with the higher priority rule is equal to the set of packets associated 
with the lower ppjorlty rule, constructing the set of network servjce rules involves 
creating a new action list for the higher priority rule by prepending the actio n list of the 
higher priority rule to the action list of the lower priority rule. 

1 1 . (Cancelled) 

12. (Original) The computer-readable storage medium of claim 1 0, wherein if 
the set of packets associated with the higher priority rule is a superset of the set of 
packets associated with the lower priority rule, resolving the conflict involves creating a 
new action list for the lower priority rule by prepending the action list of the higher 
priority rule to the action list of the lower priority rule. 
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1 3. (Original) The computer-readable storage medium of claim 1 0, wherein if 
the set of packets associated with the lower priority rule is a superset of the set of 
packets associated with the higher priority rule, resolving the conflict involves creating a 
new action list for the higher priority rule by prepending the action list of the higher 
priority rule to the action list of the lower priority rule. 

14. (Original) The computer-readable storage medium of claim 1 0, wherein if 
the set of packets associated with the lower priority rule intersects the set of packets 
associated with the higher priority rule, resolving the conflict involves: 

creating a new rule with a filter that defines the intersection of the set of packets 
associated with lower priority rule and the set of packets associated with the higher 
priority rule; and 

creating an action list for the new rule by prepending the action list of the higher 
priority rule to the action list of the lower priority rule. 

1 5. (Original) The computer-readable storage medium of claim 1 0, wherein 
prior to modifying a rule in the set of network service rules, the method further 
comprises cloning the rule to ensure that potential conflicts with rules that appear later 
in the set of network service rules are not overlooked. 

16. (Original) The computer-readable storage medium of claim 10, wherein 
the priority of a given rule is based upon one or more of the following: 

a priority associated with a network service from which given rule originated; 
a count of the number of prefix bits specified by the filter for the given rule; and 
a time stamp indicating when the given rule was incorporated into the set of 
network service rules. 

1 7. (Original) The computer-readable storage medium of claim 1 0, wherein an 
action specified by a network service rule can include, but is not limited to: 

dropping a packet; 

gathering statistical information about the packet; 
controlling timer functions associated with the packet; 
modifying the packet; and 
passing the packet on. 
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1 8. (Original) The computer-readable storage medium of claim 1 0, wherein 
the multiple network services can include, but is not limited to: 

a firewall service; 

a service level agreement monitoring service; 

a load balancing service; 
a transport matching service; 
a failover service; and 
a high availability service. 

1 9. (Currently Amended) An apparatus that resolves conflicts between 
networl< service rules for network data traffic in a system where rule patterns with longer 
prefixes match before rule patterns with shorter prefixes, comprising: 

a receiving mechanism configured to receive one or more flows of packets; 

a receiving mechanism configured to receive a set of network service rules for 
network data traffic from multiple network services, wherein network service rules from 
different network services can possibly conflict; 

wherein each of the network service rules specifies, a filter that defines a prefix 
for a set of packets in the packet flow, and an action list that specifies one or more 
actions to be applied to the set of packets; 

a conflict detection mechanism configured to identify conflicts between higher 
priority rules and lower priority rules in the set of network service rules that are to be 
applied to packet flows; and 

a conflict resolution mechanism configured to resolve the conflict by constructing 
a consistent set of network service rules with modified action lists, wherein each action 
list is modified by prepending an action list of the higher priority rule to an action list of a 
rule with a filter that defines a longer prefix \ o ^ v v .\ o ^ o " a " 

\' ^ ' V . V - ^ ^ ^^^'■>v'*Cjateg wiih ih 

create a new action list for the higher prjoritv rule bv prepending the action 
list of the higher priority rule to the action list of the lower priority rule: and to 
delete the . lower, priorit^^^^ 
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20. (Cancelled) 

21 . (Original) The apparatus of claim 1 9, wherein if the set of packets 
associated with the higher priority rule is a superset of the set of packets associated 
with the lower priority rule, the conflict resolution mechanism is configured to create a 
new action list for the lower priority rule by prepending the action list of the higher 
priority rule to the action list of the lower priority rule. 

22. (Original) The apparatus of claim 1 9, wherein if the set of packets 
associated with the lower priority rule is a superset of the set of packets associated with 
the higher priority rule, the conflict resolution mechanism is configured to create a new 
action list for the higher priority rule by prepending the action list of the higher priority 
rule to the action list of the lower priority rule. 

23. (Original) The apparatus of claim 1 9, wherein if the set of packets 
associated with the lower priority rule intersects the set of packets associated with the 
higher priority rule, the conflict resolution mechanism is configured to: 

create a new rule with a filter that defines the intersection of the set of packets 
associated with lower priority rule and the set of packets associated with the higher 
priority rule; and to 

create an action list for the new rule by prepending the action list of the higher 
priority rule to the action list of the lower priority rule. 

24. (Original) The apparatus of claim 19, wherein prior to modifying a rule in 
the set of network service rules, the conflict resolution mechanism is configured to clone 
the rule to ensure that potential conflicts with rules that appear later in the set of network 
service rules are not overlooked. 

25. (Original) The apparatus of claim 1 9, wherein the priority of a given rule is 
based upon one or more of the following: 

a priority associated with a network service from which given rule originated; 
a count of the number of prefix bits specified by the filter for the given rule; and 
a time stamp indicating when the given rule was incorporated into the set of 
network service rules. 
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26. (Original) The apparatus of claim 19, wherein an action specified by a 
network service rule can include, but is not limited to: 

dropping a packet; 

gathering statistical information about the packet; 
controlling timer functions associated with the packet; 
modifying the packet; and 
passing the packet on. 

27. (Original) The apparatus of claim 1 9, wherein the multiple network 
services can include, but is not limited to: 

a firewall service; 

a service level agreement monitoring service; 
a load balancing service; 
a transport matching service; 
a failover service; and 
a high availability service. 



Allowable Subject Matter 



Claims 1,3-10,12-19,21-27 are allowed. 

The following is an examiner's statement of reasons for allowance: 

The provision for - 

a method for facilitating high speed network packet flow by resolving conflicts 
between network service rules for network data traffic in a system where rule patterns 
with longer prefixes match before rule patterns with shorter prefixes, comprising: 

receiving one or more flows of packets; 
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receiving a set of networl^ service rules for networl< data traffic from multiple 
network services, wherein network service rules from different network services can 
possibly conflict; 

wherein each of the network service rules specifies, a filter that defines a prefix 
for a set of packets in the packet flow, and an action list that specifies one or more 
actions to be applied to the set of packets; 

identifying conflicts between higher priority rules and lower priority rules in the set 
of network service rules that are to be applied to packet flows; 

constructing a consistent set of network service rules with modified action lists, 
wherein each action list is modified by prepending an action list of the higher priority rule 
to an action list of a rule with a filter that defines a longer prefix , , v yherein, , if the , set , of 

. X " ^.^^^-s - ^ \ ^ . ^ . . . ^ ^ xets associated 

with the lower priority rule, conslructsng the set of network service rules involves 
creating a new action list for the higher priority rule by prepending the actio n list of the 
higher priority rule to the action list of the lower priority rule: and 

applying the consistent set of rules to a switching mechanism to facilitate packet 

flow management 

- wherein all the features previously described are combined in one singular 
embodiment, is not fairly taught or suggested by the prior art of record. 

The Examiner finds particular novelty in the packet flow control and management 
method and apparatus as described in the Applicant Specification (Page 13, Paragraph 
55, Page 19, Page 26-27 ) wherein the flow enforcement resolves rule conflicts by 
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creating a new action list for the higher priority rule by prepending the action list of the 
higher priority rule to the action list of the lower priority rule. 

Engbersen disclosed a system in which data packets are handled according to 
one of several rules. However Engbersen does not disclose wherein the flow 
enforcement resolves rule conflicts by creating a new action list for the higher priority 
rule by prepending the action list of the higher priority rule to the action list of the lower 
priority rule. 

Chan disclosed a system for merging rulesets in a rule-based system, wherein 
each ruleset comprise rules in potential conflict with each other. However Chan does 

not disclose resolving rule conflicts by creating a new action list for the higher priority 
rule by prepending the action list of the higher priority rule to the action list of the lower 
priority rule. 

Liao disclosed methods for finding a match between target bit pattern and 
multiple filter bit patterns. However Liao does not disclose resolving rule conflicts by 
creating a new action list for the higher priority rule by prepending the action list of the 
higher priority rule to the action list of the lower priority rule. 
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Any comments considered necessary by applicant must be submitted no later 
than the payment of the issue fee and, to avoid processing delays, should preferably 
accompany the issue fee. Such submissions should be clearly labeled "Comments on 
Statement of Reasons for Allowance." 



Conclusion 



In the case of amending the claimed invention, Applicant is respectfully 
requested to indicate the portion(s) of the specification which dictate(s) the structure 
relied on for proper interpretation and also to verify and ascertain the metes and bounds 
of the claimed invention. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to GREG BENGZON whose telephone number is 
(571)272-3944. The examiner can normally be reached on Mon. thru Fri. 8 AM - 4:30 
PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, William Vaughn can be reached on (571)272-3922. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/G. B./ 

Examiner, Art Unit 2144 
/John Follansbee/ 

Supervisory Patent Examiner, Art Unit 2151 



